public function get_redirect_url($recipient_id)
{
$recipient_id = $this->hook->fire('get_redirect_url_start', $recipient_id);
// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the user's profile after the email is sent)
// TODO
if ($this->request->getReferrer()) {
$redirect_url = validate_redirect($this->request->getReferrer(), null);
}
if (!isset($redirect_url)) {
$redirect_url = $this->feather->urlFor('userProfile', ['id' => $recipient_id]);
} elseif (preg_match('%Topic\\.php\\?pid=(\\d+)$%', $redirect_url, $matches)) {
$redirect_url .= '#p' . $matches[1];
}
$redirect_url = $this->hook->fire('get_redirect_url', $redirect_url);
return $redirect_url;
}
public function get_redirect_url($server_data)
{
if (!empty($server_data['HTTP_REFERER'])) {
$redirect_url = validate_redirect($server_data['HTTP_REFERER'], null);
}
if (!isset($redirect_url)) {
$redirect_url = get_base_url();
} elseif (preg_match('%viewtopic\\.php\\?pid=(\\d+)$%', $redirect_url, $matches)) {
// TODO
$redirect_url .= '#p' . $matches[1];
}
return $redirect_url;
}
// Loop through users we found
while ($cur_hit = $db->fetch_assoc($result)) {
if ($cur_hit['last_email_sent'] != '' && time() - $cur_hit['last_email_sent'] < 3600 && time() - $cur_hit['last_email_sent'] >= 0) {
message(sprintf(__('This account has already requested a password reset in the past hour. Please wait %s minutes before requesting a new password again.', 'luna'), intval((3600 - (time() - $cur_hit['last_email_sent'])) / 60)), true);
}
// Generate a new password and a new password activation code
$new_password = random_pass(12);
$new_password_key = random_pass(8);
$db->query('UPDATE ' . $db->prefix . 'users SET activate_string=\'' . luna_hash($new_password) . '\', activate_key=\'' . $new_password_key . '\', last_email_sent = ' . time() . ' WHERE id=' . $cur_hit['id']) or error('Unable to update activation data', __FILE__, __LINE__, $db->error());
// Do the user specific replacements to the template
$cur_mail_message = str_replace('<username>', $cur_hit['username'], $mail_message);
$cur_mail_message = str_replace('<activation_url>', get_base_url() . '/settings.php?id=' . $cur_hit['id'] . '&action=change_pass&key=' . $new_password_key, $cur_mail_message);
$cur_mail_message = str_replace('<new_password>', $new_password, $cur_mail_message);
luna_mail($email, $mail_subject, $cur_mail_message);
}
message(__('An email has been sent to the specified address with instructions on how to change your password. If it does not arrive you can contact the forum administrator at', 'luna') . ' <a href="mailto:' . luna_htmlspecialchars($luna_config['o_admin_email']) . '">' . luna_htmlspecialchars($luna_config['o_admin_email']) . '</a>.', true);
} else {
message(__('There is no user registered with the email address', 'luna') . ' ' . htmlspecialchars($email) . '.');
}
}
}
}
// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to index.php after login)
if (!empty($_SERVER['HTTP_REFERER'])) {
$redirect_url = validate_redirect($_SERVER['HTTP_REFERER'], null);
}
if (!isset($redirect_url)) {
$redirect_url = get_base_url(true) . '/index.php';
} elseif (preg_match('%viewtopic\\.php\\?pid=(\\d+)$%', $redirect_url, $matches)) {
$redirect_url .= '#p' . $matches[1];
}
function validate_login_attempt($id)
{
global $lang_common, $db, $panther_url;
confirm_referrer('viewforum.php');
$password = isset($_POST['req_password']) ? panther_trim($_POST['req_password']) : '';
$redirect_url = validate_redirect($_POST['redirect_url'], panther_link($panther_url['index']));
// If we've tampered, or maybe something just went wrong, send them back to the board index
$data = array(':id' => $id);
$ps = $db->select('forums', 'password, salt', $data, 'id=:id');
if (!$ps->rowCount()) {
message($lang_common['Bad request']);
} else {
$cur_forum = $ps->fetch();
}
if (panther_hash($password . panther_hash($cur_forum['salt'])) == $cur_forum['password']) {
set_forum_login_cookie($id, $cur_forum['password']);
header('Location: ' . $redirect_url);
exit;
} else {
message($lang_common['incorrect password']);
}
}
